summaryrefslogtreecommitdiff
path: root/src/security/tpm/tspi
diff options
context:
space:
mode:
Diffstat (limited to 'src/security/tpm/tspi')
-rw-r--r--src/security/tpm/tspi/crtm.c11
-rw-r--r--src/security/tpm/tspi/crtm.h6
2 files changed, 16 insertions, 1 deletions
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index 6f8f58fcd1..41f6a9483a 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -73,7 +73,16 @@ static uint32_t tspi_init_crtm(void)
return VB2_ERROR_UNKNOWN;
}
cbfs_unmap(mapping);
- } /* else: TODO: Add SoC specific measurement methods. */
+ } else {
+ /* Since none of the above conditions are met let the SOC code measure the
+ * bootblock. This accomplishes for cases where the bootblock is treated
+ * in a special way (e.g. part of IFWI or located in a different CBFS). */
+ if (tspi_soc_measure_bootblock(TPM_CRTM_PCR)) {
+ printk(BIOS_INFO,
+ "TSPI: Couldn't measure bootblock into CRTM on SoC level!\n");
+ return VB2_ERROR_UNKNOWN;
+ }
+ }
return VB2_SUCCESS;
}
diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h
index c4d051d988..bd5bc5785d 100644
--- a/src/security/tpm/tspi/crtm.h
+++ b/src/security/tpm/tspi/crtm.h
@@ -28,4 +28,10 @@ int tspi_measure_cache_to_pcr(void);
*/
uint32_t tspi_cbfs_measurement(const char *name, uint32_t type, const struct vb2_hash *hash);
+/*
+ * Provide a function on SoC level to measure the bootblock for cases where bootblock is
+ * neither in FMAP nor in CBFS (e.g. in IFWI).
+ */
+int tspi_soc_measure_bootblock(int pcr_index);
+
#endif /* __SECURITY_TSPI_CRTM_H__ */
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-12 13:54:46 +0000